#!/bin/bash

# A script to delete the multi-tier VPC resources created by create_multi_tier_vpc.sh.

# --- Configuration ---
# Name tag of the VPC to tear down, and the region it lives in. Every lookup
# and delete call below reads these two values.
VPC_NAME='MyWebAppVPC' # Must match the name used in create_multi_tier_vpc.sh
REGION='us-east-1'

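# --- Helper function to get resource ID by tag ---
#######################################
# Print the ID of the first EC2 resource of a given type that carries a tag.
# Globals:   REGION (read)
# Arguments: $1 - resource type as spelled in the `aws ec2 describe-*`
#                 subcommand: vpcs, subnets, internet-gateways, nat-gateways,
#                 route-tables or security-groups
#            $2 - tag key
#            $3 - tag value
# Outputs:   the resource ID on stdout; nothing when no resource matches
# Returns:   0 on success, 2 for an unsupported resource type, otherwise the
#            exit status of the aws CLI
#######################################
get_resource_id_by_tag() {
  local resource_type=$1
  local tag_name=$2
  local tag_value=$3
  local list_key id_field found

  # The JMESPath key and ID field are case-sensitive and do not follow
  # mechanically from the subcommand name (security groups use GroupId), so
  # they are mapped explicitly instead of being derived from $resource_type.
  case "$resource_type" in
    vpcs)
      list_key="Vpcs"
      id_field="VpcId"
      ;;
    subnets)
      list_key="Subnets"
      id_field="SubnetId"
      ;;
    internet-gateways)
      list_key="InternetGateways"
      id_field="InternetGatewayId"
      ;;
    nat-gateways)
      list_key="NatGateways"
      id_field="NatGatewayId"
      ;;
    route-tables)
      list_key="RouteTables"
      id_field="RouteTableId"
      ;;
    security-groups)
      list_key="SecurityGroups"
      id_field="GroupId"
      ;;
    *)
      printf 'get_resource_id_by_tag: unsupported resource type: %s\n' "$resource_type" >&2
      return 2
      ;;
  esac

  # Braces keep each variable name from absorbing the characters that follow it.
  found=$(aws ec2 "describe-${resource_type}" \
    --filters "Name=tag:${tag_name},Values=${tag_value}" \
    --region "$REGION" \
    --query "${list_key}[0].${id_field}" \
    --output text) || return

  # With --output text a null result is printed as the literal string "None".
  # Emit nothing in that case so callers can test the result with -z / -n and
  # never hand "None" to a delete call.
  if [ -n "$found" ] && [ "$found" != "None" ]; then
    printf '%s\n' "$found"
  fi
}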

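# --- Get IDs of created resources ---
echo "--- Retrieving IDs of resources to delete ---"

# Resolve the VPC first. A failed API call (expired credentials, missing
# permissions) is reported as an error rather than as "VPC not found".
if ! VPC_MATCHES=$(aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$VPC_NAME" --region "$REGION" --query 'Vpcs[].VpcId' --output text); then
  echo "Failed to query VPCs in $REGION. Exiting." >&2
  exit 1
fi

# Collect every matching VPC ID. Word splitting is intentional here: the text
# output is whitespace-separated IDs. "None" is what --output text prints for
# a null result, so it is never treated as an ID.
VPC_ID_LIST=()
for vpc_candidate in $VPC_MATCHES; do
  if [ "$vpc_candidate" != "None" ]; then
    VPC_ID_LIST+=("$vpc_candidate")
  fi
done

if [ "${#VPC_ID_LIST[@]}" -eq 0 ]; then echo "VPC '$VPC_NAME' not found. Exiting."; exit 0; fi

# Name tags are not unique. Refuse to guess which VPC to destroy when several
# carry the same name.
if [ "${#VPC_ID_LIST[@]}" -gt 1 ]; then
  echo "More than one VPC is tagged Name=$VPC_NAME (${VPC_ID_LIST[*]}). Refusing to continue." >&2
  exit 1
fi
VPC_ID=${VPC_ID_LIST[0]}
echo "Found VPC ID: $VPC_ID"

# Extra filter that pins a lookup to the VPC resolved above, so a same-named
# subnet, route table, NAT gateway or security group that belongs to another
# VPC in this region is never selected for deletion.
VPC_SCOPE="Name=vpc-id,Values=$VPC_ID"

#######################################
# Print the first ID matching the given filters, or nothing when none matches.
# Globals:   REGION (read)
# Arguments: $1 - `aws ec2` describe subcommand
#            $2 - JMESPath query selecting a single ID
#            $3... - one or more --filters expressions
# Outputs:   the ID on stdout; nothing for a null ("None") result
# Returns:   0 on success, otherwise the exit status of the aws CLI
#######################################
_lookup_ec2_id() {
  local subcommand=$1
  local query=$2
  local found
  shift 2
  found=$(aws ec2 "$subcommand" --filters "$@" --region "$REGION" --query "$query" --output text) || return
  if [ "$found" != "None" ]; then
    printf '%s' "$found"
  fi
}

PUBLIC_SUBNET_ID=$(_lookup_ec2_id describe-subnets 'Subnets[0].SubnetId' "Name=tag:Name,Values=${VPC_NAME}-Public-Subnet" "$VPC_SCOPE")
PRIVATE_SUBNET_APP_ID=$(_lookup_ec2_id describe-subnets 'Subnets[0].SubnetId' "Name=tag:Name,Values=${VPC_NAME}-Private-App-Subnet" "$VPC_SCOPE")
PRIVATE_SUBNET_DB_ID=$(_lookup_ec2_id describe-subnets 'Subnets[0].SubnetId' "Name=tag:Name,Values=${VPC_NAME}-Private-DB-Subnet" "$VPC_SCOPE")

# The internet gateway is looked up by tag only: once a previous, interrupted
# run has detached it, it no longer has an attachment to filter on. The detach
# call later in this script is still pinned to $VPC_ID.
IGW_ID=$(_lookup_ec2_id describe-internet-gateways 'InternetGateways[0].InternetGatewayId' "Name=tag:Name,Values=${VPC_NAME}-IGW")

# NOTE(review): recently deleted NAT gateways may still be returned by this
# lookup; consider also filtering on gateway state. Confirm against the
# behaviour seen when this script is re-run.
NAT_GW_ID=$(_lookup_ec2_id describe-nat-gateways 'NatGateways[0].NatGatewayId' "Name=tag:Name,Values=${VPC_NAME}-NAT-GW" "$VPC_SCOPE")
EIP_ALLOC_ID=$(_lookup_ec2_id describe-nat-gateways 'NatGateways[0].NatGatewayAddresses[0].AllocationId' "Name=tag:Name,Values=${VPC_NAME}-NAT-GW" "$VPC_SCOPE")

PUBLIC_RT_ID=$(_lookup_ec2_id describe-route-tables 'RouteTables[0].RouteTableId' "Name=tag:Name,Values=${VPC_NAME}-Public-RT" "$VPC_SCOPE")
PRIVATE_RT_ID=$(_lookup_ec2_id describe-route-tables 'RouteTables[0].RouteTableId' "Name=tag:Name,Values=${VPC_NAME}-Private-RT" "$VPC_SCOPE")

# Security group names are only unique within one VPC, so the VPC filter is
# what keeps this from matching a group of the same name elsewhere.
WEB_SG_ID=$(_lookup_ec2_id describe-security-groups 'SecurityGroups[0].GroupId' "Name=group-name,Values=${VPC_NAME}-Web-SG" "$VPC_SCOPE")
APP_SG_ID=$(_lookup_ec2_id describe-security-groups 'SecurityGroups[0].GroupId' "Name=group-name,Values=${VPC_NAME}-App-SG" "$VPC_SCOPE")
DB_SG_ID=$(_lookup_ec2_id describe-security-groups 'SecurityGroups[0].GroupId' "Name=group-name,Values=${VPC_NAME}-DB-SG" "$VPC_SCOPE")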

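echo "--- Starting cleanup of VPC resources ---"

# --- Delete Security Groups ---
echo "Deleting Security Groups..."
# NOTE(review): if these groups reference one another in their rules, the
# deletes can fail with a dependency error until those rules are revoked.
# The rule set is created elsewhere, so confirm against create_multi_tier_vpc.sh.
for sg_entry in "Web:$WEB_SG_ID" "App:$APP_SG_ID" "DB:$DB_SG_ID"; do
  sg_label=${sg_entry%%:*}
  sg_id=${sg_entry#*:}
  # A lookup that matched nothing yields an empty string or the literal
  # "None" (--output text); neither is an ID, so skip it.
  if [ -z "$sg_id" ] || [ "$sg_id" = "None" ]; then
    continue
  fi
  if aws ec2 delete-security-group --group-id "$sg_id" --region "$REGION"; then
    echo "Deleted $sg_label SG: $sg_id"
  else
    # A security group left behind keeps its rules; make the failure visible.
    echo "Failed to delete $sg_label SG: $sg_id" >&2
  fi
done
sleep 5 # Give time for SGs to detach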

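# --- Delete Route Table Associations and Routes ---
echo "Deleting Route Table Associations and Routes..."
# Disassociate each route table from its subnet(s): the public table from the
# public subnet, the private table from the app and DB subnets.
for rt_pair in \
  "$PUBLIC_RT_ID:$PUBLIC_SUBNET_ID" \
  "$PRIVATE_RT_ID:$PRIVATE_SUBNET_APP_ID" \
  "$PRIVATE_RT_ID:$PRIVATE_SUBNET_DB_ID"; do
  rt_id=${rt_pair%%:*}
  subnet_id=${rt_pair#*:}
  # Empty or "None" (the --output text rendering of null) means the lookup
  # found nothing; there is no association to remove.
  if [ -z "$rt_id" ] || [ "$rt_id" = "None" ]; then continue; fi
  if [ -z "$subnet_id" ] || [ "$subnet_id" = "None" ]; then continue; fi

  ASSOC_ID=$(aws ec2 describe-route-tables --route-table-ids "$rt_id" --region "$REGION" --query "RouteTables[0].Associations[?SubnetId=='$subnet_id'].RouteTableAssociationId" --output text)
  if [ -n "$ASSOC_ID" ] && [ "$ASSOC_ID" != "None" ]; then
    aws ec2 disassociate-route-table --association-id "$ASSOC_ID" --region "$REGION" ||
      echo "Failed to disassociate $ASSOC_ID from route table $rt_id" >&2
  fi
done

# Delete the default route from each table, then the table itself.
for rt_entry in "Public:$PUBLIC_RT_ID" "Private:$PRIVATE_RT_ID"; do
  rt_label=${rt_entry%%:*}
  rt_id=${rt_entry#*:}
  if [ -z "$rt_id" ] || [ "$rt_id" = "None" ]; then continue; fi

  aws ec2 delete-route --route-table-id "$rt_id" --destination-cidr-block 0.0.0.0/0 --region "$REGION"

  if aws ec2 delete-route-table --route-table-id "$rt_id" --region "$REGION"; then
    echo "Deleted $rt_label RT: $rt_id"
  else
    echo "Failed to delete $rt_label RT: $rt_id" >&2
  fi
done
sleep 5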

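# --- Delete NAT Gateway ---
echo "Deleting NAT Gateway..."
# Empty or "None" (the --output text rendering of null) means no gateway was found.
if [ -n "$NAT_GW_ID" ] && [ "$NAT_GW_ID" != "None" ]; then
  if aws ec2 delete-nat-gateway --nat-gateway-id "$NAT_GW_ID" --region "$REGION"; then
    echo "Deleted NAT GW: $NAT_GW_ID"
  else
    echo "Failed to delete NAT GW: $NAT_GW_ID" >&2
  fi
  # Block until the gateway is gone before the Elastic IP is released below.
  aws ec2 wait nat-gateway-deleted --nat-gateway-ids "$NAT_GW_ID" --region "$REGION" ||
    echo "NAT GW $NAT_GW_ID did not reach the deleted state" >&2
fi

if [ -n "$EIP_ALLOC_ID" ] && [ "$EIP_ALLOC_ID" != "None" ]; then
  if aws ec2 release-address --allocation-id "$EIP_ALLOC_ID" --region "$REGION"; then
    echo "Released EIP: $EIP_ALLOC_ID"
  else
    # An unreleased Elastic IP stays allocated to the account after teardown.
    echo "Failed to release EIP: $EIP_ALLOC_ID" >&2
  fi
fi
sleep 5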

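# --- Detach and Delete Internet Gateway ---
echo "Detaching and deleting Internet Gateway..."
# Empty or "None" (the --output text rendering of null) means no gateway was found.
if [ -n "$IGW_ID" ] && [ "$IGW_ID" != "None" ]; then
  # The detach is pinned to $VPC_ID. The delete is still attempted if it
  # fails, which covers a gateway already detached by an earlier run.
  aws ec2 detach-internet-gateway --internet-gateway-id "$IGW_ID" --vpc-id "$VPC_ID" --region "$REGION" ||
    echo "Failed to detach IGW $IGW_ID from $VPC_ID" >&2
  if aws ec2 delete-internet-gateway --internet-gateway-id "$IGW_ID" --region "$REGION"; then
    echo "Deleted IGW: $IGW_ID"
  else
    echo "Failed to delete IGW: $IGW_ID" >&2
  fi
fi
sleep 5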

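# --- Delete Subnets ---
echo "Deleting Subnets..."
for subnet_entry in \
  "Public:$PUBLIC_SUBNET_ID" \
  "Private App:$PRIVATE_SUBNET_APP_ID" \
  "Private DB:$PRIVATE_SUBNET_DB_ID"; do
  subnet_label=${subnet_entry%%:*}
  subnet_id=${subnet_entry#*:}
  # Empty or "None" (the --output text rendering of null) is not a subnet ID.
  if [ -z "$subnet_id" ] || [ "$subnet_id" = "None" ]; then
    continue
  fi
  if aws ec2 delete-subnet --subnet-id "$subnet_id" --region "$REGION"; then
    echo "Deleted $subnet_label Subnet: $subnet_id"
  else
    echo "Failed to delete $subnet_label Subnet: $subnet_id" >&2
  fi
done
sleep 5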

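# --- Delete VPC ---
echo "Deleting VPC..."
# Empty or "None" (the --output text rendering of null) is not a VPC ID.
if [ -n "$VPC_ID" ] && [ "$VPC_ID" != "None" ]; then
  if aws ec2 delete-vpc --vpc-id "$VPC_ID" --region "$REGION"; then
    echo "Deleted VPC: $VPC_ID"
  else
    # The VPC delete fails while anything inside it still exists. Report the
    # teardown as incomplete instead of printing the success banner, so that
    # leftover network resources are noticed and cleaned up.
    echo "Failed to delete VPC: $VPC_ID. Cleanup is incomplete; review the errors above." >&2
    exit 1
  fi
fi

printf '\n%s\n' "--- VPC cleanup complete! ---"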
